rubocop and added batch option from file to commandline program

kenna-bmcdevitt 2020-10-30 19:44:29 -05:00
parent 42decc7207
commit 70403b23dd
3 changed files with 28 additions and 2 deletions


@ -1,4 +1,5 @@
# frozen_string_literal: true # frozen_string_literal: true
# this is meant to parse and query data in redhat linux rpm-to-cve.xml file # this is meant to parse and query data in redhat linux rpm-to-cve.xml file
# that is posted on their security API. # that is posted on their security API.
# Reference: https://www.redhat.com/security/data/metrics/ # Reference: https://www.redhat.com/security/data/metrics/
@ -24,7 +25,7 @@ class RhelRpmToCve
def refresh_rpm_to_cve_file(path) def refresh_rpm_to_cve_file(path)
r = RestClient::Request.execute( r = RestClient::Request.execute(
method: :get, method: :get,
url: "https://www.redhat.com/security/data/metrics/rpm-to-cve.xml" url: 'https://www.redhat.com/security/data/metrics/rpm-to-cve.xml'
) )
if r.code == 200 if r.code == 200
File.write(path, r.body) File.write(path, r.body)


@ -5,6 +5,7 @@
require 'rest-client' require 'rest-client'
require 'json' require 'json'
require 'active_support/core_ext/array/grouping.rb'
class RhelSecurityApiClient class RhelSecurityApiClient
attr_accessor :base_url attr_accessor :base_url
@ -46,4 +47,14 @@ class RhelSecurityApiClient
params = {} params = {}
request("/cve/#{cve_id}.json", params) request("/cve/#{cve_id}.json", params)
end end
def cves(cve_ids)
params = {}
responses = []
cve_ids.in_groups_of(500, false) do |cve_id_batch|
csv_cve_url_str = cve_id_batch.join(',')
responses << request('/cve.json?ids=' + csv_cve_url_str, params)
end
responses.flatten
end
end end
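Review bot: In `cves`, the IDs are concatenated straight into the query string (`'/cve.json?ids=' + csv_cve_url_str`) with no format check or URL encoding, and they come from the file read by `read_cves_file` in the CLI script, so a cell containing `&`, `#`, whitespace or an empty value changes or breaks the request. I would filter first, e.g. `ids = cve_ids.compact.map(&:strip).grep(/\ACVE-\d{4}-\d{4,}\z/)`, and pass the joined value through the existing `params` hash (`request('/cve.json', ids: batch.join(','))`), assuming `request` encodes params as a query string; its body is not visible here. `ids.each_slice(500)` from the standard library does the same batching as `in_groups_of(500, false)` and would avoid pulling in ActiveSupport for a single call. Batches of 500 IDs also produce a very long GET URL, so it is worth confirming that the API accepts that length.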


@ -3,6 +3,7 @@
require 'optparse' require 'optparse'
require 'json' require 'json'
require 'csv'
require './rhel_rpm_to_cve' require './rhel_rpm_to_cve'
require './rhel_security_api_client' require './rhel_security_api_client'
require 'pry' require 'pry'
@ -13,6 +14,11 @@ data_file = './data/rpm-to-cve.xml'
options = {} options = {}
# for use with --cves-from-file arg
def read_cves_file(filepath)
CSV.read(filepath).flatten
end
parser = OptionParser.new do |parser| parser = OptionParser.new do |parser|
parser.banner = 'Usage: rpm_pkg_audit.rb [options]' parser.banner = 'Usage: rpm_pkg_audit.rb [options]'
parser.on('-p', '--pkg PKGNAME', 'Takes a base pkg name and returns cves from redhats security API.') do |pkg| parser.on('-p', '--pkg PKGNAME', 'Takes a base pkg name and returns cves from redhats security API.') do |pkg|
@ -30,6 +36,9 @@ parser = OptionParser.new do |parser|
parser.on('-c', '--cve CVE_ID', 'Takes a cve id and returns cve json from redhats security API.') do |cve| parser.on('-c', '--cve CVE_ID', 'Takes a cve id and returns cve json from redhats security API.') do |cve|
options[:cve] = cve options[:cve] = cve
end end
parser.on('-f', '--cves-from-file CVE_FILE', 'Takes a file one cve id per line and sends a batch request to redhat security API') do |file|
options[:file] = file
end
end end
parser.parse! parser.parse!
@ -58,6 +67,11 @@ elsif options[:cve]
cve = options[:cve] cve = options[:cve]
r = rhel_api_client.cve_id(cve) r = rhel_api_client.cve_id(cve)
puts JSON.pretty_generate(r) puts JSON.pretty_generate(r)
elsif options[:file]
filepath = options[:file]
cve_ids = read_cves_file(filepath)
r = rhel_api_client.cves(cve_ids)
puts JSON.pretty_generate(r)
else options.key?(:list) else options.key?(:list)
puts rpm_auditer.list_pkg_names.sort puts rpm_auditer.list_pkg_names.sort
end end
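Review bot: `read_cves_file` parses with `CSV.read` although the `--cves-from-file` help text promises one CVE ID per line, so an unbalanced quote in the file raises `CSV::MalformedCSVError` and a wrong path raises `Errno::ENOENT`, both surfacing as a raw backtrace from the new `elsif options[:file]` branch. Reading lines matches the documented format: `File.readlines(filepath, chomp: true).map(&:strip).reject(&:empty?)`. I would also rescue `Errno::ENOENT` around the call and `abort` with a short message naming the file. The surrounding `if`/`elsif` chain starts outside this hunk, so how `--cves-from-file` behaves when combined with `--pkg` or `--cve` cannot be checked from here.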